Discussion:
CreateProcessAsUser horror,...
(too old to reply)
Kerem Gümrükcü
2010-02-25 10:09:16 UTC
Permalink
Hi,

for whatever reason (and i am about to go nuts!) this
signatures dont work. Either i get a access violation
error or wrong parameter exception. Could someone
please help me and tell me what the hell is wrong here
and if possible show me a working example. These are
my signatures:

[Flags]
internal enum CreateProcessCreationFlags : uint
{
ZERO_FLAG = 0x00000000,
CREATE_BREAKAWAY_FROM_JOB = 0x01000000,
CREATE_DEFAULT_ERROR_MODE = 0x04000000,
CREATE_NEW_CONSOLE = 0x00000010,
CREATE_NEW_PROCESS_GROUP = 0x00000200,
CREATE_NO_WINDOW = 0x08000000,
CREATE_PROTECTED_PROCESS = 0x00040000,
CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 0x02000000,
CREATE_SEPARATE_WOW_VDM = 0x00001000,
CREATE_SHARED_WOW_VDM = 0x00001000,
CREATE_SUSPENDED = 0x00000004,
CREATE_UNICODE_ENVIRONMENT = 0x00000400,
DEBUG_ONLY_THIS_PROCESS = 0x00000002,
DEBUG_PROCESS = 0x00000001,
DETACHED_PROCESS = 0x00000008,
EXTENDED_STARTUPINFO_PRESENT = 0x00080000,
INHERIT_PARENT_AFFINITY = 0x00010000
}

[Flags]
internal enum StartupInfoStartupFlags : uint
{
ZERO_FLAG = 0x00000000,
STARTF_USESHOWWINDOW = 0x1,
STARTF_USESIZE = 0x2,
STARTF_USEPOSITION = 0x4,
STARTF_USECOUNTCHARS = 0x8,
STARTF_USEFILLATTRIBUTE = 0x10,
STARTF_RUNFULLSCREEN = 0x20,
STARTF_FORCEONFEEDBACK = 0x40,
STARTF_FORCEOFFFEEDBACK = 0x80,
STARTF_USESTDHANDLES = 0x100,
}

[StructLayout(LayoutKind.Sequential)]
internal struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public uint dwProcessId;
public uint dwThreadId;
}

[StructLayout(LayoutKind.Sequential,
CharSet = CharSet.Unicode)]
internal class STARTUPINFO
{
public uint cb;
[MarshalAs(UnmanagedType.LPWStr)]
public string lpReserved;
[MarshalAs(UnmanagedType.LPWStr)]
public string lpDesktop;
[MarshalAs(UnmanagedType.LPWStr)]
public string lpTitle;
public uint dwX;
public uint dwY;
public uint dwXSize;
public uint dwYSize;
public uint dwXCountChars;
public uint dwYCountChars;
public uint dwFillAttribute;
public StartupInfoStartupFlags dwFlags;
public ushort ShowWindow;
public ushort Reserved2;
public IntPtr Reserved3;
public IntPtr StdInputHandle;
public IntPtr StdOutputHandle;
public IntPtr StdErrorHandle;
}

[DllImport("advapi32.dll",
CharSet = CharSet.Unicode,
SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
internal static extern bool CreateProcessAsUser(
[In] IntPtr hToken,
[MarshalAs(UnmanagedType.LPWStr)]
[In] string lpApplicationName,
[MarshalAs(UnmanagedType.LPWStr)]
[In] string lpCommandLine,
[In] IntPtr lpProcessAttributes,
[In] IntPtr lpThreadAttributes,
[MarshalAs(UnmanagedType.Bool)]
[In] bool bInheritHandles,
[In] CreateProcessCreationFlags dwCreationFlags,
[In] IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
[In] string lpCurrentDirectory,
[In] ref STARTUPINFO lpStartupInfo,
[Out] out PROCESS_INFORMATION lpProcessInfo);

The "hToken" is valid (confirmed and checked!) and the STARTUPINFO
has been initialized like this:

PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
STARTUPINFO si = new STARTUPINFO();
si.cb = (uint) Marshal.SizeOf(typeof(STARTUPINFO));

The call looks like this:

if (CreateProcessAsUser(
hRestrictedToken, //valid token
appPath, //full path to the executable
cmdLine, //either null or command line params
IntPtr.Zero, //NULL pointer, use defaults
IntPtr.Zero, //NULL pointer, use defaults
false, //no inherit handles
CreateProcessCreationFlags.ZERO_FLAG, //zero flag,
use defaults
IntPtr.Zero, //inherit environment
null, //null directory
ref si, //ref to STARTUPINFO
out pi) == false) //out to PROCESS_INFORMATION
{
throw new Win32Exception();
}

Whatever i tried, "w-h-a-t e-v-e-r" i could not make it work!
Either i got a access violation or a wrong parameter for
GetLastError().

Could someone please show me what i am doing wrong here,
or much better give me a working sample,...

Thanks in advance,...


Kerem
--
-----------------------
Beste Grüsse / Best regards / Votre bien devoue
Kerem Gümrükcü
Latest Project: http://www.pro-it-education.de/software/deviceremover
Latest Open-Source Projects: http://entwicklung.junetz.de
-----------------------
Kerem Gümrükcü
2010-02-25 13:25:19 UTC
Permalink
Well, i found it by my self: All Parameters must be "struct" not "class".
Except that, the signatures are perfectly ok and ready to use! Change
PROCESS_INFORMATION and STARTUPINFO to "struct" and it will work!

Regards

Kerem
--
-----------------------
Beste Grüsse / Best regards / Votre bien devoue
Kerem Gümrükcü
Latest Project: http://www.pro-it-education.de/software/deviceremover
Latest Open-Source Projects: http://entwicklung.junetz.de
-----------------------
Post by Kerem Gümrükcü
Hi,
for whatever reason (and i am about to go nuts!) this
signatures dont work. Either i get a access violation
error or wrong parameter exception. Could someone
please help me and tell me what the hell is wrong here
and if possible show me a working example. These are
[Flags]
internal enum CreateProcessCreationFlags : uint
{
ZERO_FLAG = 0x00000000,
CREATE_BREAKAWAY_FROM_JOB = 0x01000000,
CREATE_DEFAULT_ERROR_MODE = 0x04000000,
CREATE_NEW_CONSOLE = 0x00000010,
CREATE_NEW_PROCESS_GROUP = 0x00000200,
CREATE_NO_WINDOW = 0x08000000,
CREATE_PROTECTED_PROCESS = 0x00040000,
CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 0x02000000,
CREATE_SEPARATE_WOW_VDM = 0x00001000,
CREATE_SHARED_WOW_VDM = 0x00001000,
CREATE_SUSPENDED = 0x00000004,
CREATE_UNICODE_ENVIRONMENT = 0x00000400,
DEBUG_ONLY_THIS_PROCESS = 0x00000002,
DEBUG_PROCESS = 0x00000001,
DETACHED_PROCESS = 0x00000008,
EXTENDED_STARTUPINFO_PRESENT = 0x00080000,
INHERIT_PARENT_AFFINITY = 0x00010000
}
[Flags]
internal enum StartupInfoStartupFlags : uint
{
ZERO_FLAG = 0x00000000,
STARTF_USESHOWWINDOW = 0x1,
STARTF_USESIZE = 0x2,
STARTF_USEPOSITION = 0x4,
STARTF_USECOUNTCHARS = 0x8,
STARTF_USEFILLATTRIBUTE = 0x10,
STARTF_RUNFULLSCREEN = 0x20,
STARTF_FORCEONFEEDBACK = 0x40,
STARTF_FORCEOFFFEEDBACK = 0x80,
STARTF_USESTDHANDLES = 0x100,
}
[StructLayout(LayoutKind.Sequential)]
internal struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public uint dwProcessId;
public uint dwThreadId;
}
[StructLayout(LayoutKind.Sequential,
CharSet = CharSet.Unicode)]
internal class STARTUPINFO
{
public uint cb;
[MarshalAs(UnmanagedType.LPWStr)]
public string lpReserved;
[MarshalAs(UnmanagedType.LPWStr)]
public string lpDesktop;
[MarshalAs(UnmanagedType.LPWStr)]
public string lpTitle;
public uint dwX;
public uint dwY;
public uint dwXSize;
public uint dwYSize;
public uint dwXCountChars;
public uint dwYCountChars;
public uint dwFillAttribute;
public StartupInfoStartupFlags dwFlags;
public ushort ShowWindow;
public ushort Reserved2;
public IntPtr Reserved3;
public IntPtr StdInputHandle;
public IntPtr StdOutputHandle;
public IntPtr StdErrorHandle;
}
[DllImport("advapi32.dll",
CharSet = CharSet.Unicode,
SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
internal static extern bool CreateProcessAsUser(
[In] IntPtr hToken,
[MarshalAs(UnmanagedType.LPWStr)]
[In] string lpApplicationName,
[MarshalAs(UnmanagedType.LPWStr)]
[In] string lpCommandLine,
[In] IntPtr lpProcessAttributes,
[In] IntPtr lpThreadAttributes,
[MarshalAs(UnmanagedType.Bool)]
[In] bool bInheritHandles,
[In] CreateProcessCreationFlags dwCreationFlags,
[In] IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
[In] string lpCurrentDirectory,
[In] ref STARTUPINFO lpStartupInfo,
[Out] out PROCESS_INFORMATION lpProcessInfo);
The "hToken" is valid (confirmed and checked!) and the STARTUPINFO
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
STARTUPINFO si = new STARTUPINFO();
si.cb = (uint) Marshal.SizeOf(typeof(STARTUPINFO));
if (CreateProcessAsUser(
hRestrictedToken, //valid token
appPath, //full path to the executable
cmdLine, //either null or command line params
IntPtr.Zero, //NULL pointer, use defaults
IntPtr.Zero, //NULL pointer, use defaults
false, //no inherit handles
CreateProcessCreationFlags.ZERO_FLAG, //zero flag,
use defaults
IntPtr.Zero, //inherit environment
null, //null directory
ref si, //ref to STARTUPINFO
out pi) == false) //out to PROCESS_INFORMATION
{
throw new Win32Exception();
}
Whatever i tried, "w-h-a-t e-v-e-r" i could not make it work!
Either i got a access violation or a wrong parameter for
GetLastError().
Could someone please show me what i am doing wrong here,
or much better give me a working sample,...
Thanks in advance,...
Kerem
--
-----------------------
Beste Grüsse / Best regards / Votre bien devoue
Kerem Gümrükcü
Latest Project: http://www.pro-it-education.de/software/deviceremover
Latest Open-Source Projects: http://entwicklung.junetz.de
-----------------------
Loading...